Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deep security vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2023-5841
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as...
Openexr Openexr
7.8
CVSSv3
CVE-2023-52337
An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability ...
Trendmicro Deep Security 20.0
Trendmicro Deep Security Agent 20.0
7.8
CVSSv3
CVE-2023-52338
A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to exe...
Trendmicro Deep Security 20.0
Trendmicro Deep Security Agent 20.0
5.3
CVSSv3
CVE-2023-28968
An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic app...
Juniper Appid Service Sigpack
Juniper Jdpi-decoder Engine
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
Juniper Junos 22.2
Juniper Junos 22.3
6.5
CVSSv3
CVE-2022-42321
Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels this can result in stack exhaustion on xenstored, leading to a crash of ...
Xen Xen -
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2022-42003
In FasterXML jackson-databind prior to 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
Fasterxml Jackson-databind
Quarkus Quarkus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Oncommand Workflow Automation -
6 Github repositories
7.5
CVSSv3
CVE-2022-42004
In FasterXML jackson-databind prior to 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.
Fasterxml Jackson-databind
Quarkus Quarkus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Oncommand Workflow Automation -
4 Github repositories
3.3
CVSSv3
CVE-2022-40707
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local malicious user to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execut...
Trendmicro Deep Security Agent 20.0
3.3
CVSSv3
CVE-2022-40708
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local malicious user to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execut...
Trendmicro Deep Security Agent 20.0
3.3
CVSSv3
CVE-2022-40709
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local malicious user to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execut...
Trendmicro Deep Security Agent 20.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »